01 / SCOPE
What this policy explains
This Privacy Policy applies to the Vynody player client and the vynody.site website, together referred to as “Vynody”. Vynody is independently developed and maintained by an individual developer. This policy explains what information Vynody may process when you use local music features and four online features, why it is processed, and how you can control it.
Vynody does not require an account and does not collect personal information for advertising profiles or personalized recommendations. The Vynody client and official website also contain no third-party analytics, behavioral tracking, or crash-reporting SDKs, such as Firebase Analytics or Sentry. You can use only local playback, library management, and favorites without using any online feature.
02 / LOCAL FIRST
Data that stays on your device
To provide core player features, Vynody may read or store the following on your device: music files and paths, song tags and artwork, playback position, play history, favorites, playlists, lyric cache, app settings, and local-network connection status.
In principle, this information stays on your device or on a local-network device you choose. Vynody does not automatically upload your complete music library to Vynody servers when you scan or play music.
Personal API keys or tokens configured for AI lyric generation or song identification are stored locally as preferences. They are sent over HTTPS directly to the relevant third-party service only when a request is made. Vynody’s developer and any relay server do not collect, record, or relay your API keys.
When you actively use an online feature, query fields, song audio, or audio fingerprints may be sent to the relevant service as needed for that feature. Before sending anything, make sure you have the right to process and upload the relevant music content.
03 / ONLINE FEATURES
How online features process information
AI lyric generation
When you actively request lyric generation, Vynody sends the content needed to complete the request to the AI service you select. This may include song audio or an audio segment, as well as file name, title, artist, album, and duration metadata. Available services currently include Google, OpenRouter, Doubao (Volcengine Ark), DeepSeek, and an endpoint you configure yourself. Results are returned to the client and may be stored locally according to app settings. Some music files may be uploaded to and stored by the selected AI provider’s cloud service. The Vynody client currently does not actively call the provider to delete uploaded files after generation; retention and expiration depend entirely on the provider’s policy, such as Google File API’s statement that uploaded files are automatically deleted after 48 hours. AI providers may process request content, technical logs, and generated results under their own privacy policies and terms.
Local-network file sharing
File sharing transfers files directly between devices on the same local network. This feature requires local-network permission and creates a local web-server port on the transferring device. Files are not automatically sent to Vynody’s remote servers because of this feature, but participating devices can see necessary network addresses, device names, shared file names, and transfer status. Use sharing only on trusted networks, and disable it or leave the transfer when finished.
Song identification and metadata lookup
When you actively identify a song, the Vynody client extracts an audio fingerprint (Chromaprint) locally using its built-in audio engine. Fingerprint calculation runs entirely on your device and does not upload the source audio file. After calculation, the client sends the fingerprint and metadata needed for identification to AcoustID. Results may then be used to query MusicBrainz and Cover Art Archive for tags, album information, and artwork. Results are returned to the client and may be cached locally. AcoustID, MusicBrainz, Cover Art Archive, and related services may record technical information needed for requests; see their own privacy policies.
Online lyric lookup
When you actively request online lyrics, Vynody sends the song title, artist, album, duration, or other matching metadata to LRCLIB. Lyrics and matching results are returned to the client and may be cached locally. Vynody does not upload the complete music file for an LRCLIB lookup unless a specific feature clearly tells you before use that an upload is required.
04 / THIRD PARTIES
Third-party services and external links
Vynody’s online features may use these third-party services: Google, OpenRouter, Doubao (Volcengine Ark), DeepSeek, and user-configured endpoints for AI lyric generation; AcoustID for song identification; MusicBrainz and Cover Art Archive for metadata and artwork; and LRCLIB for online lyric lookup. Song identification uses Vynody’s built-in public AcoustID API key by default. You can configure your own API key in app settings if you want your request history to be independent. Third parties receive information necessary to complete requests and may record technical logs such as IP address, request time, device, or network information. Their privacy policies and terms govern how they retain, use, and delete that data.
The Vynody website links to GitHub, download pages, and other external websites that Vynody does not control. Read the relevant privacy notices after opening an external link. The website currently also loads fonts from Google Fonts, so your browser may request font resources from Google when visiting this website.
Third-party interfaces, names, or data practices may change between versions. Vynody will update this policy when there are material changes to features or documentation.
05 / YOUR CONTROL
Your choices and rights
You can choose not to use online features at any time, and you can restrict Vynody’s network access through device permissions, app settings, or system settings. You can delete local lyric cache, play history, tag cache, and app data; the exact steps depend on your operating system.
If you submitted a request through a third-party service, you must contact that service directly to request access to or deletion of data it retains. Vynody cannot control data that a third party has already received.
If you believe information processed by Vynody is inaccurate, excessive, or insecure, contact us through the channel below. We will investigate and respond within a reasonable scope.
06 / SECURITY
Security
Vynody uses reasonable technical measures to reduce the risk of data exposure, but no network transmission or local-network sharing can be guaranteed to be completely secure. Keep the app up to date, avoid opening file sharing on public networks, and do not send sensitive content through untrusted AI or lookup services.
07 / CHANGES
Policy updates
We may update this policy when features, data practices, or applicable laws change. Updated versions will be published on this page with an effective date and version number. Continued use of Vynody means that you have read the updated policy.
08 / CONTACT
Contact us
Vynody is independently maintained by an individual developer. For privacy feedback, security reports, or data requests, email zgmf300@outlook.com, or submit an Issue through Vynody’s GitHub repository and include “Privacy” in the subject or description. Do not submit music files, identity information, access tokens, or other sensitive content in a public Issue.
Go to GitHub Issues ↗
GitHub